A sharp rise in system intrusions has emerged as the dominant driver of data breaches across the Asia-Pacific region, including Australia, according to Verizon Business’s newly published 2025 Data Breach Investigations Report (DBIR).
The annual study, now in its 18th edition, revealed that 80% of breaches in the region were tied to system intrusion incidents – more than double the previous year’s 38%.
The DBIR, based on an analysis of over 22,000 security incidents and more than 12,000 confirmed data breaches worldwide, outlines a shifting threat landscape, with implications for insurers, brokers, and enterprise risk teams.
Malware was a component in 83% of APAC breaches this year, up from 58% in 2024, while ransomware featured in 51% of cases, indicating continued pressure on business continuity and cyber liability exposures.
Robert Le Busque, Verizon Business regional vice president for Asia Pacific, said external actors are increasingly focusing on critical infrastructure and exploiting third-party weaknesses.
“This year’s report reinforces the growing complexity and persistence of cyber threats facing organisations worldwide. In the Asia-Pacific region in particular, external actors are targeting critical infrastructure and exploiting third-party vulnerabilities. The rising incidence of breaches highlights the imperative for businesses to reassess their risk frameworks,” he said.
The report highlighted a marked decline in the proportion of social engineering attacks, down to 20% of regional breaches. However, Verizon noted that the absolute volume of such incidents has not reduced significantly. The percentage shift is largely attributed to the growing prevalence of system-based attacks.
Separate research from cybersecurity firm Surfshark reported that nearly 400,000 Australian accounts were compromised in the first quarter of 2025, positioning Australia among the top 20 most affected countries. While this marked a 98% drop from the previous quarter’s 17 million incidents, the findings underscore the persistent risk facing local businesses.
Meanwhile, ransomware attacks in Australia more than doubled year-on-year in February, with 962 incidents recorded, according to Bitdefender’s March 2025 threat report. The country ranked sixth globally for ransomware detection, indicating a growing need for cyber preparedness among insurers and their clients.
On the global front, the DBIR recorded a 34% rise in breaches exploiting vulnerabilities, particularly through zero-day attacks on external-facing systems and VPNs. Ransomware remained a prominent tactic, appearing in 44% of global breaches – a 37% increase year-on-year. Incidents involving third parties also doubled, drawing attention to ongoing supply chain risks.
The report also pointed to elevated breach activity in the manufacturing and healthcare sectors, often motivated by espionage, while education, finance, and retail industries continued to face sustained cyber pressure. Ransomware’s impact was found to be disproportionately high on small and medium-sized enterprises (SMEs), with a median ransom demand of US$115,000.
Craig Robinson, IDC’s vice president for security services, said that while more organisations are declining to pay ransoms, SMEs remain especially vulnerable.
This year’s DBIR findings reflect a mixed bag of results. Glass-half-full types can celebrate the rise in the number of victim organisations that did not pay ransoms with 64% not paying vs 50% two years ago,” he said.
However, smaller firms with limited cybersecurity capacity continue to face high ransomware prevalence, showing up in 88% of their breaches.
